Filter and search through 197,245 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-55196 | ## Summary A vulnerability was discovered in the External Secrets Operator where the `List()` calls for Kubernetes Secret and SecretStore resources pe... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-55193 | This vulnerability has been assigned the CVE identifier CVE-2025-55193 ### Impact The ID passed to `find` or similar methods may be logged without es... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55192 | HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerabi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-55166 | #### Problem The sanitization logic at https://github.com/darylldoyle/svg-sanitizer/blob/0.21.0/src/Sanitizer.php#L454-L481 only searches for lower-c... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55164 | ### Impact A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if you provide a policy name called `__proto__` you can o... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55159 | ### Impact The `get_disjoint_mut` method in slab v0.4.10 incorrectly checked if indices were within the slab's capacity instead of its length, allowi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55156 | ### Summary The parameter `add_links` in the API /json/add_package is vulnerable to SQL Injection. SQL injection vulnerabilities can lead to sensitive... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55153 | Rejected reason: This CVE is a duplicate of another CVE. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-55149 | ## Description A critical path traversal vulnerability (CWE-22) has been identified in the `review_paper` function in `backend/app.py`. The vulnerabil... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55131 | A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the `vm` module with the time... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55129 | HackerOne community member Kassem S.(kassem_s94) has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks ... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-55128 | HackerOne community member Dao Hoang Anh (yoyomiski) has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An at... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-55126 | HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-relat... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-55124 | Improper neutralisation of input in Revive Adserver 6.0.0+ causes a reflected XSS attack in the banner-zone.php script. | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-55102 | A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-55072 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-55037 | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in TkEasyGUI versions prior to v1.0.22. If thi... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-55027 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-55026 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-55025 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |